Secure E-Mail with Open Source Software

Even if you're not sending industrial secrets out in your everyday e-mail, there might be plenty of things you'd rather not have winging around in the clear. One way to make sure your e-mail is free from eavesdroppers is through the use of public key encryption (PKE). PKE isn't just the preserve of large organizations. There are open source encryption solutions that enable smaller companies and individuals to use the technology at no cost-most commonly to encrypt and digitally sign e-mail messages.

In the business world, PGP Corp.'s public key encryption platform is the big player. What's interesting about this commercial platform is that it adheres to the OpenPGP standard - an e-mail encryption standard defined by the OpenPGP Working Group of the Internet Engineering Task Force (IETF) Proposed Standard RFC 4880. OpenPGP was actually derived from PGP, the pioneering public key encryption program created by Phil Zimmerman back in 1991 which is the basis for PGP Corp.'s platform.

The good news is that there's a completely free, open-source implementation of the OpenPGP standard called GNU Privacy Guard (or, more commonly, "GPG"). Since any OpenPGP compliant software (should) work with any other, this means that GPG is compatible with PGP. Like any open-source alternative to a commercial product there are differences between PGP Corp.'s platform and GPG in terms of support and additional features, but GPG offers solid public key encryption and key management features as an alternative to a system such as that offered by PGP Corp., on a number of platforms including Windows, Linux, UNIX and OS X.

Read the Full Story